
[Programming C++] Simple Api-Hook


DragonHunter


Ok, since maxtor still hasn't made those sections (I don't know why, or maybe he doesn't want to make them, whatever)

but anyways

 

#include <detours.h>

//Pointer through which the hook reaches the original ShellAboutW API.
//As a namespace-scope object it starts out as zero; DllMain assigns it the
//value returned by DetourFunction when the hook is installed.
typedef int (__stdcall *ShellAboutW_t)(HWND hWnd, LPCWSTR szApp, LPCWSTR szOtherStuff, HICON hIcon);
ShellAboutW_t ShellAboutWD_o;

//Replacement for ShellAboutW: runs in place of the API once the detour is installed.
//  hWnd, hIcon          - passed through to the original function unchanged
//  szApp, szOtherStuff  - the caller's strings; ignored and replaced by fixed text
//Returns whatever the original ShellAboutW returns.
int __stdcall ShellAboutWD(HWND hWnd, LPCWSTR szApp, LPCWSTR szOtherStuff, HICON hIcon)
{
        //Fixed strings shown instead of the ones the caller supplied
        LPCWSTR replacedTitle = L"DragonHunter [LeetCoders]";
        LPCWSTR replacedText  = L"The about API/Function is hooked by DragonHunter ;D!";

        //Forward to the original API through the pointer stored in ShellAboutWD_o
        int result = ShellAboutWD_o(hWnd, replacedTitle, replacedText, hIcon);
        return result;
}

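//DLL entry point: installs the ShellAboutW detour when this DLL is loaded into a
//process and removes it again when the DLL is unloaded.
//  hModule            - handle of this DLL (not used)
//  ul_reason_for_call - only DLL_PROCESS_ATTACH and DLL_PROCESS_DETACH are handled
//  lpReserved         - not used
//Always returns TRUE, so a failed hook does not stop the DLL from loading.
//
//The detour is applied with DetourFunction to ShellAboutW as mapped in the current
//process, so only the process that loaded this DLL is affected.
BOOL APIENTRY DllMain( HMODULE hModule,
                       DWORD  ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
    {
        //Look the module up first: if Shell32 is not loaded the handle is NULL and
        //GetProcAddress would not be searching Shell32 at all.
        HMODULE hShell32 = GetModuleHandleW(L"Shell32"); //DLL Library
        if (hShell32 == NULL)
            break;

        //GetProcAddress returns a FARPROC (function pointer), not a HANDLE
        FARPROC pShellAboutW = GetProcAddress(hShell32, "ShellAboutW"); //API/Function
        if (pShellAboutW == NULL) //Export not found (Error-Handling)
            break;

        //DetourFunction returns the trampoline used to call the original code.
        //It is kept in the global ShellAboutWD_o because it is needed again on
        //detach; a variable local to this case would be uninitialised there.
        ShellAboutWD_o = (int (__stdcall *)(HWND, LPCWSTR, LPCWSTR, HICON))
            DetourFunction(
                (PBYTE)pShellAboutW,   //Function to hook
                (PBYTE)ShellAboutWD);  //Replacement function
        break;
    }
    case DLL_PROCESS_DETACH:
        //Only unhook if the hook was actually installed (pointer is non-zero).
        if (ShellAboutWD_o != NULL)
        {
            //Detours 1.5 DetourRemove takes the trampoline returned by
            //DetourFunction, not the address of the hooked API.
            DetourRemove(
                (PBYTE)ShellAboutWD_o,
                (PBYTE)ShellAboutWD);
            ShellAboutWD_o = NULL; //Mark as unhooked
        }
        break;
    }
    return TRUE;
}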

 

And this is the output (the About dialog of the process that loaded the DLL now shows the replaced text):

2a92l1c.png

 

Have fun...

 

Coded by DragonHunter
